Cyber Attack To My LSWS Server

#1
Recently when I logged into my server through SSH. I was shocked to find that there were almost 1894 failed login attempts as shown in the SSH welcome screen. God knows how many have successfully crashed into my server. As a beginner I have no idea related to server attacks and intrusion. I was relying heavily on LSWS enterprise to do the security job for me.

Is there anything that the litespeed server itself takes care of ? Or should I install various third party softwares like fail2ban iptables etc etc. ? Please help. It's an e-commerce site being developed using
LSWS enterprise and I don't want any security compromise.
 

serpent_driver

Well-Known Member
#4
I'm not up2date with CyberPanel, but you should check if fail2ban is availabe for CyberPanel. There are some discussions about it in CyberPanel forum. To prevent brute force attacks against SSH LiteSpeed isn't responsible.
 
#7
Thanks for your response though. The only reason I'm using cyberpanel is that it's the same people who created litespeed and I thought it would be well configured and work out of the box.
 
#10
Hello Sir, Cyberpanel recommends disabling password-based authentication for SSH, please use key-based auth instead. Similarly, cyberpanel offer the option to easily change ssh port and disabling root access

All of the above can be done from Security -> Secure SSH

Best Regards
 
Top